Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/a1ext/ida-embed-arch-disasm

Allows IDA PRO to disassemble x86-64 code (WOW64) in 32-bit database
https://github.com/a1ext/ida-embed-arch-disasm

disasm ida-plugin ida-pro idapython x86-64

Last synced: 3 months ago
JSON representation

Allows IDA PRO to disassemble x86-64 code (WOW64) in 32-bit database

Host: GitHub
URL: https://github.com/a1ext/ida-embed-arch-disasm
Owner: a1ext
License: apache-2.0
Created: 2018-06-29T11:20:36.000Z (over 6 years ago)
Default Branch: master
Last Pushed: 2021-12-27T16:01:58.000Z (almost 3 years ago)
Last Synced: 2024-05-27T11:57:23.281Z (6 months ago)
Topics: disasm, ida-plugin, ida-pro, idapython, x86-64
Language: Python
Size: 109 KB
Stars: 24
Watchers: 4
Forks: 8
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        IDA Embed arch disasm

---------------------

Allows you to disassemble x86-64 code (like inlined WOW64 one) while you using 32-bit IDA database. This would be helpfull to analyze WOW64 mode switches.

## Dependencies

* `capstone` Python module

In case you use IDA 7 and newer make sure you download and install `capstone` for appropriate Python version and architecture, because since IDA 7 by default is 64-bit. You could find the binary installer [here](https://www.capstone-engine.org/download.html)

## Installation

* Install `capstone`

* Download the main plugin module [`ida-embed-arch-disasm.py`](https://github.com/a1ext/ida-embed-arch-disasm/raw/master/ida-embed-arch-disasm.py) (`Right click the link -> Save link as...`) and save it to IDA `plugins` folder

## Showcase

### Before

![before0.png](docs/before0.png)

### Select the range you want to disassemble

![open_menu0.png](docs/open_menu0.png)

### After (disassembled instructions are in comments)

![after0.png](docs/after0.png)